Upcoming Events: Troopers 2016

Last autumn’s SDN roadtrip left me totally exhausted – at the moment it’s so bad that I can’t push myself to work on non-urgent things – but there are some conferences are that so awesome that I wouldn’t skip them no matter what.

Troopers 16 (March 14th – 18th in Heidelberg, Germany) is a must-go-to security conference. Past events were fantastic, and when Enno Rey asked me what I’d like to talk about this year it wasn’t hard to come up with three interesting topics:

Read more ...

EFF says Cisco shouldn’t get off the hook for torture in China

Cisco Systems built a security system for the Chinese government knowing it would be used to track and persecute members of the Falun Gong religious minority, according to the Electronic Frontier Foundation technology rights group.Falun Gong practitioners alleged the same thing in a lawsuit that a federal judge in Northern California dismissed in 2014. That case is being appealed, and on Monday the EFF, Privacy International and free-speech group Article 19 filed a brief that supports the appeal.The case highlights the risks technology companies take by selling software and hardware to customers around the world. Some of those customers may use the technology in ways that raise objections in other countries, creating legal problems or just tarnishing a vendor's reputation.To read this article in full or to leave a comment, please click here

EFF says Cisco shouldn’t get off the hook for torture in China

Cisco Systems built a security system for the Chinese government knowing it would be used to track and persecute members of the Falun Gong religious minority, according to the Electronic Frontier Foundation technology rights group.Falun Gong practitioners alleged the same thing in a lawsuit that a federal judge in Northern California dismissed in 2014. That case is being appealed, and on Monday the EFF, Privacy International and free-speech group Article 19 filed a brief that supports the appeal.The case highlights the risks technology companies take by selling software and hardware to customers around the world. Some of those customers may use the technology in ways that raise objections in other countries, creating legal problems or just tarnishing a vendor's reputation.To read this article in full or to leave a comment, please click here

Android malware steals one-time passcodes

One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec.The malware, called Android.Bankosy, has been updated to intercept the codes, which are part of so-called two-factor authentication systems.Many online banking applications require a login and password plus a time-sensitive code in order to gain access. The one-time passcode is sent over SMS but also can be delivered via an automated phone call.Some banks have moved to call-based delivery of passcodes. In theory, that provides better security since SMS messages can be intercepted by some malware, wrote Dinesh Venkatesan of Symantec in a blog post on Tuesday.To read this article in full or to leave a comment, please click here

Robotic falconry to foil unwanted drones

Described as “Robotic Falconry”, a new way to deal with drones that need to be removed from the air has been demonstrated by Michigan Tech. What’s so neat about this solution to controlling unwanted drones in your airspace is that the system, which uses a net that is fired at the target drone from another drone, snags the intruder and then hauls it away to a secure area so that any payload (for example, drugs or explosives)  can be dealt with. Here's the system in testing:To read this article in full or to leave a comment, please click here

Seven weeks later, here’s your Cisco UCS password!

This might be up there with the cable connector boot that hit the reset button on Cisco switches…For seven weeks, Cisco’s been shipping UCS servers with a default password unknown to its systems administration customers, the company said in a field notice posted yesterday. The Register was first to report on the situation.The default password when initially configuring these servers is supposed to be “password.” But Cisco changed that to “Cisco1234” back in November, apparently without telling customers.To read this article in full or to leave a comment, please click here

Patch Tuesday: Microsoft released 9 security updates, 6 rated critical, 7 for RCE

To start off 2016 Patch Tuesdays, Microsoft released nine security bulletins, six of which are rated as critical and seven resolve remote code execution vulnerabilities.While that many RCEs don’t set any records, Bobby Kuzma, CISSP, systems engineer at Core Security, said, “It still distresses me. Web browsers are not safe, and everyone should be using some kind of content filtering on their networks. It's like wearing a seat belt. Just do it.”Rated criticalFirst up is MS16-001, the cumulative fix for flaws in Internet Explorer which an attacker could exploit to gain remote code execution and have the same rights as the user. The patch is meant to modify how VBScript handles objects in memory and to help ensure that cross-domain policies are properly enforced in Internet Explorer.To read this article in full or to leave a comment, please click here

Wall Street Technology Association introduces its board

The Wall Street Technology Association, which provides a forum for financial industry technology professionals, vendors, service providers, and consultants learn from one another, has introduced its board of directors for the new year.Having been around since 1967, the group is one of the oldest organizations catering to IT professionals, so we figure it's a good thing to give those volunteering as leaders to get a bit of attention. Here's the board:*President : James Kostulias, Chief Information Officer, TD Ameritrade To read this article in full or to leave a comment, please click here

Will your car become a mini-data center? IBM thinks that’s just the beginning

In the not too distant future many consumers expect autonomous, self-driving cars that repair problems without human intervention, implement cognitive computing to adapt the car to a particular driver’s behaviors and react to the vehicle’s environment.Those are at least some of the conclusions gleaned from IBM’s “Auto 2025: A New Relationship – People and Cars” research involving 16,000 global consumers who were asked how they expect to use vehicles in the next ten years.+More on Network World: 20 years ago: Hot sci/tech images from 1995+To read this article in full or to leave a comment, please click here

Will your car become a mini-data center? IBM thinks that’s just the beginning

In the not too distant future many consumers expect autonomous, self-driving cars that repair problems without human intervention, implement cognitive computing to adapt the car to a particular driver’s behaviors and react to the vehicle’s environment.Those are at least some of the conclusions gleaned from IBM’s “Auto 2025: A New Relationship – People and Cars” research involving 16,000 global consumers who were asked how they expect to use vehicles in the next ten years.+More on Network World: 20 years ago: Hot sci/tech images from 1995+To read this article in full or to leave a comment, please click here

My Thoughts On The Death Of IP Telephony

A Candlestick Phone (image courtesy of WIkipedia)

A Candlestick Phone (image courtesy of Wikipedia)

Greg Ferro (@EtherealMind) posted a thought provoking article about collaboration in his Human Infrastructure magazine (which you should be reading). He talks about the death of IP Telephony and the rise of asynchronous communications methods like Slack. He’s got a very interesting point of view. I just happen to disagree with a few of his assertions.

IP Telephony Is Only Mostly Dead

Greg’s stance that IP Telephony is dead is a bit pointed to say the least. He is correct that the market isn’t growing. It is also true that a great number of new workers entering the workforce prefer to use their smartphones for communications, especially the asynchronous kind. However, desk phones are a huge part of corporate communications going forward.

IT shops have a stilted and bizarre world view. If you have a workforce that has to be mobile, whether it be for making service calls or going to customer sites for visits, you have a disproportionately large number of mobile users for sure. But what about organizations that don’t have large mobile populations? What about financial firms or law offices or hospitals? What about retail organizations? These Continue reading

New remote access Trojan Trochilus used in cyberespionage operations

A cyberespionage group has been discovered using a new remote access Trojan, dubbed Trochilus, whose detection rate was very low among antivirus products.The malware was discovered by researchers from Arbor Networks while investigating attacks in Myanmar that were launched from compromised government websites.The researchers linked the compromises to a sophisticated group of attackers known as Group 27, who are known to use different malware programs in their operations, some with overlapping capabilities.Arbor Networks has uncovered seven malware programs used by the group so far, including three remote access Trojans: PlugX, 9002, and the new Trochilus.To read this article in full or to leave a comment, please click here

1 3,138 3,139 3,140 3,141 3,142 3,793